1 to 10 of 22
Sort by

Discussion Post
SRX300 IDP setup "Either configure idp or idp-policy and not both"

Hi, i am a bit lost trying to setup IDP on my srx300. i have read all the resources online here and here to activate the license, download & install signature package, download & install templates and also copy/modify template to our needs. the problem I am running into is...

Discussion Post
SRX Download signature problem with routing-instance in place

Hi, I've this problem to download signature on my firewall due routing-instance configuration and not direct internet reachability on the main routing instance. I try: 1) offline procedure. But for my version and product (SRX-110) i think that something is wrong on the website and...

Discussion Post
SRX IDP - Only log drop action on multiple matches in policy

Hi folks. I am going through a project with IDP on the SRX. While we tune the IDP, there is multiple matches on attacks when in the policy. For instance, I added some XSS attacks to a new rule with an action of drop. Some of these XSS are still bundled with other built-in attack groups that have...

Discussion Post
IDP Direction on SRX

Hi, My understanding says it is more worth to apply IDP only from Untrust to all zones direction as this is direction from where most attacks come from and decrease the amount of traffic processed by IDP if you have a lot LAN to LAN or cross site traffic over MPLS. Please share your...

Discussion Post
IDP Exempt Rulebases with logging enabled ?

Hi I have an IDP policy on a SRX with 2 rules. Rule 1 matches Critical prefined attack groups Rule 2 matches Major predined attack groups Both log alert and block One predefined attack within the critical attack group is tiggering and blocking traffic. I have created an exempt rulebase...